Attribute delegation in ubiquitous environments
Proceedings of the 3rd international conference on Mobile multimedia communications
ACM Transactions on Multimedia Computing, Communications, and Applications (TOMCCAP)
Enabling attribute delegation in ubiquitous environments
Mobile Networks and Applications
Distributed Attribute-Based Encryption
Information Security and Cryptology --- ICISC 2008
A Semantic-Aware Attribute-Based Access Control Model for Web Services
ICA3PP '09 Proceedings of the 9th International Conference on Algorithms and Architectures for Parallel Processing
Multiagent Security Evaluation Framework for Service Oriented Architecture Systems
KES '09 Proceedings of the 13th International Conference on Knowledge-Based and Intelligent Information and Engineering Systems: Part I
Access Control of Cloud Service Based on UCON
CloudCom '09 Proceedings of the 1st International Conference on Cloud Computing
Sh@re: negotiated audit in social networks
SMC'09 Proceedings of the 2009 IEEE international conference on Systems, Man and Cybernetics
A privacy-enhanced attribute-based access control system
Proceedings of the 21st annual IFIP WG 11.3 working conference on Data and applications security
Identity as a service-towards a service-oriented identity management architecture
EUNICE'07 Proceedings of the 13th open European summer school and IFIP TC6.6 conference on Dependable and adaptable networks and services
An access control model for mobile physical objects
Proceedings of the 15th ACM symposium on Access control models and technologies
Identity propagation in N-tier systems
MILCOM'09 Proceedings of the 28th IEEE conference on Military communications
Rule-based policy enforcement point for map services
Proceedings of the 3rd ACM SIGSPATIAL International Workshop on Security and Privacy in GIS and LBS
Attribute-Based Messaging: Access Control and Confidentiality
ACM Transactions on Information and System Security (TISSEC)
Security mechanisms for geographic data
Proceedings of the International Conference on Management of Emergent Digital EcoSystems
Scalable authorization middleware for service oriented architectures
ESSoS'11 Proceedings of the Third international conference on Engineering secure software and systems
Enabling access to web resources through SecPODE-based annotations
OTM'10 Proceedings of the 2010 international conference on On the move to meaningful internet systems
BABAC: An Access Control Framework for Network Virtualization Using User Behaviors and Attributes
GREENCOM-CPSCOM '10 Proceedings of the 2010 IEEE/ACM Int'l Conference on Green Computing and Communications & Int'l Conference on Cyber, Physical and Social Computing
MundoMessage: enabling trustworthy ubiquitous emergency communication
Proceedings of the 5th International Conference on Ubiquitous Information Management and Communication
Securely disseminating RFID events
Proceedings of the 5th ACM international conference on Distributed event-based system
Exploiting proxy-based federated identity management in wireless roaming access
TrustBus'11 Proceedings of the 8th international conference on Trust, privacy and security in digital business
Attribute-Based authentication and authorisation infrastructures for e-commerce providers
EC-Web'06 Proceedings of the 7th international conference on E-Commerce and Web Technologies
A framework for modeling restricted delegation in service oriented architecture
TrustBus'06 Proceedings of the Third international conference on Trust, Privacy, and Security in Digital Business
SecDS: a secure EPC discovery service system in EPCglobal network
Proceedings of the second ACM conference on Data and Application Security and Privacy
Semantic access control for corporate mobile devices
ICA3PP'10 Proceedings of the 10th international conference on Algorithms and Architectures for Parallel Processing - Volume Part II
Toward a framework for cloud security
ICA3PP'10 Proceedings of the 10th international conference on Algorithms and Architectures for Parallel Processing - Volume Part II
Enforcing protection mechanisms for geographic data
W2GIS'12 Proceedings of the 11th international conference on Web and Wireless Geographical Information Systems
SecTTS: A secure track & trace system for RFID-enabled supply chains
Computers in Industry
Automated and efficient analysis of role-based access control with attributes
DBSec'12 Proceedings of the 26th Annual IFIP WG 11.3 conference on Data and Applications Security and Privacy
A unified attribute-based access control model covering DAC, MAC and RBAC
DBSec'12 Proceedings of the 26th Annual IFIP WG 11.3 conference on Data and Applications Security and Privacy
Formal definitions for usable access control rule sets from goals to metrics
Proceedings of the Ninth Symposium on Usable Privacy and Security
Model-based, event-driven programming paradigm for interactive web applications
Proceedings of the 2013 ACM international symposium on New ideas, new paradigms, and reflections on programming & software
Social access control language (SocACL)
Proceedings of the 6th International Conference on Security of Information and Networks
Future Generation Computer Systems
PBA4WSSP: a policy-based architecture for web services security processing
Service Oriented Computing and Applications
Adaptiveness and social-compliance in trust management within virtual communities
Web Intelligence and Agent Systems - Web Intelligence and Communities
Hi-index | 0.00 |
For companies and government agencies alike, the emergence ofWeb services technologies and the evolution of distributed systemstoward Service Oriented Architectures (SOA) have helped promote collaboration and information sharing by breaking down "stove-piped"systems and connecting them via loosely coupled, interoperablesystem-to-system interfaces. Such architectures, however, also bring about their own security challenges that require due consideration. Unfortunately, the current information security mechanisms are insufficientto address thesechallenges. In particular, the access control models today are mostly static and coarsely grained; they are not well-suitedfor the service-oriented environments where information access isdynamic and ad-hoc in nature. This paper outlines the access control challenges for Web services and SOA, and proposes an Attribute BasedAccess Control (ABAC) model as a new approach, which is based onsubject, object, and environment attributes and supports both mandatory and discretionary access control needs. The paper describes the ABAC model in terms of its authorizationarchitecture and policy formulation, and makes a detailed comparison between ABAC and traditional role-based models, which clearly showsthe advantages of ABAC. The paper then describes how this newmodel can be applied to securing web service invocations, with animplementation based on standard protocols and open-source tools.The paper concludes with a summary of the ABAC modelýs benefits and some future directions.